Computer data loss incident in more than 250 major US hospitals caused interruption of patient care, and medical staff were forced to rely on paper records.
Representative of Global Health Services (UHS), a system that manages more than 250 hospitals and medical facilities in the US, said the technology security incident took place on September 28, via a statement on the page. web. The company did not provide details on the number of affected facilities and patients.
According to UHS employees in Washington DC, the chaos started with the power outage on Sunday night. After that, the patient data on the computer is lost, the phone communication is interrupted …
American Hospital Association senior cybersecurity advisor John Riggi suspects this is a ransomware attack. Ransomware is a piece of malware that encrypts all data so that users cannot access and use it. The attacker will blackmail to exchange the recovery key.
UHS manages hospitals in many states in the US such as Washington, Fremont, California, Orlando … and a number of service facilities to care for mental patients and substance abuse issues.
A doctor in Washington, part of UHS, recounts his extreme anxiety about losing data on a computer. The medical staff cannot see the test results, scans, medication list and many other important information the doctor needs to guide treatment. Phone breakdown made the situation more complicated, the communication between nurses was difficult. Test orders must be delivered in person.
“At that time, we could not have access to any patient records, even previous views,” said a Texas health worker at UHS. Waiting time in emergency rooms has been increased from 45 minutes to 6 hours. Doctors have no results of X-rays or CT scans of patients.
The device to monitor the heart rate, blood pressure and oxygen concentration of critically ill patients stopped working due to the paralysis of the wifi network. They can only be used when there is a wired network.
Doctors in Washington were worried during the shift, because it could transfer patients to another department with incorrect information. Both the health workers in Texas and Washington DC requested anonymity because they were not allowed to speak in public.
“Ransomware attacks disrupt care and pose a risk to patients. This is a life-threatening crime that needs to be reacted and addressed by the government,” said Riggi, hospital cybersecurity advisor. suitable”.
According to data from cybersecurity firm Emsisoft, more than 700 US health care facilities were victims of ransomware last year. Total damage is estimated at $ 9 billion a year, including ransom and data recovery. Copying data every day is the only effective way, if you don’t want to pay the ransom.
Crime targeted in healthcare facilities, with ransomware, during a pandemic tends to increase. They infect the network with malicious code tampering with data, and require payment to unlock.
In early September, the first known death involving ransomware occurred in Dusseldorf, Germany. The attack caused the hospital network to fail, and a critical patient in urgent need of hospitalization died after moving to another city for treatment.
Nguyen Ngoc (Follow AP)